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In location-based query a user wants to query a database of location data, 
known as Points Of Interest (POIs), and does not want to reveal his/her 
location to the server due to privacy concerns; (ii) the owner of the location 
data, that is, the location server, do Abstract: Nowadays, it is very easy for a 
person to learn his/her location with the help of a Global Positioning System 
(GPS) enabled device. A location s not want to simply distribute its data to 
all users. The location server desires to have some control over its data, 
since the data is its asset. A major enhancement upon previous solutions by 
introducing a two stage approach, the first step is based on Oblivious 
Transfer using homomorphic encryption and the second step is based on 
Private Information Retrieval, to achieve a secure solution for both parties. 
Introduce a security model and analyse the security in the context of our 
protocol. To highlight a security weakness of our previous work and present 
a solution using efficient homomorphic system. 
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I. INTRODUCTION 

Location-based services (LBS) are services that 
exploit knowledge about an information device is 
located. It applies the field of data mining and information 
security. Gathereing the information from the system 
available through an interface to various government 
and private entities such as fire 
departments,thepolice,ambulances,hotels,transportation,cu 
stoms,etc. Developing an software application (app) for 
various mobile platforms/de vices including iPhones, 
Androids and BlackBerry's. This will utilize the data to 
provide a privacy of location based services (LBS). 

To protect user privacy in location based queries 
search to obtain requiring privacy and usability in a 
user controllable manner. Such location can be 
represented in a variety of ways and depending on 
the context LBS can utilize several techniques for 
knowing an information device is geographically located. 



II. Problem Statement 

The privacy-aware LBS is to protect a user's private 
information from potentially malicious servers while 
responding to his queries .To achieve location privacy, 
user location and identity information for identifying of 
query results for both on the server and query evaluation. 
PIR to achieve such strong measures of privacy by placing 
trust on a secure coprocessor residing at the server side 
which is in charge of initiating PIR requests to the server 
and privately evaluating user queries . 
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Figure 1: PIR Query Execution 

Two components in Query Execution first one is PIR 
functionality ,and second is the query plan .The query 



plan ensures that every query retrieves 
number of blocks during its execution. 



the same 



A. System Model 

The system model consists of three types of entities 
first set of users to access location data and a service 
provider SP, and a location server, the SP and LS will 
compose a server, that will serve both functions. The 
user does not need to be concerned with the 
communication. The user would communicate a 
search keyword to the provider, and retrieve a 
ranked list of records matching the search term. 
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Figure 2: System Model 



III. Proposed System 

We design an modal for location based queries with 
homomorphic encryption that have major performance 
improvements with respect to the approach. The user 
privately determines his/her location within a grid in 
encryption way. This provides protection for both the 
user and the server. The user is protected because the 
server is unable to determine his/her location. Similarly, 
the server's data is protected since a malicious user 
can only decrypt the block of data obtained by PIR 
with the encryption key acquired in the previous stage. The 
users in our model use some location -based service 
provided by the location server LS. For example, 
what is the nearest hospital or hotel. 

We obtaining Location based information is extracted 
from the spatial database. User are responsible for 
retrieving the information through the query's derived 
from the location server. And updating the query and 
displaying search results are handled by the search 
data, are handled by the location server . Protecting 
sensitive information about an individual user's location, 
at the same time as providing useful location-based 
services to that user. Information can be exchanged 
between the user and the service provider to allow query 
results across a geographic area. Results indicate the 
possibility of large default privacy regions (areas of no 
change in result set) according to each latitude and 
longitude pairs. 
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Figure 3: System Architecture Diagram 

To establish and maintain the communication between 
the location server and the user for accessing location 
based information with a secure manner. 

A. Techniques 

i. Private Information Retrieval 

In the PIR protocol allows a user to retrieve an 
information from a location server of a database without 
revealing which information is retrieve. The user can 
initiate a private information retrieval protocol with the 
location server to acquire the encrypted POI data. The 
user information theoretic privacy for their query in a 
location server . There are two ways to address the 
problem: one is to mae the server computationally 
bounded and the each having a copy of the database. PIR 
protocol require an amount of communication that is least 
the size of the database n. PIR protocols tolerant of non- 
responsive or malicious server are called robust or 
Byzantine robust respectively. 

The basic motivation for Private Information Retrieval 
is a two-party protocols in which one of the parties (the 
sender) owns a database, and the other part( the receiver ) 
wants to query it with certain privacy restrictions. As a 
result of the protocol, if the receiver wants the i-th value in 
the database he must learn the i-th entry, but the sender 
must learn nothing about i so privacy is theoretically 
preserved. 

ii. oblivious Transfer Protocol 

An oblivious transfer protocol is a type of protocol in 
which a sender transfer one of potentially many pieces of 
information to a receiver , but remains oblivious as to what 
piece has been transferred. In the receive retrieves an 
element chosen by from the database. The Sender obtains 
no knowledge about which information is retrieved. 

Hi. Homomorphic Encryption 

We design a novel for encryption as Homomorphic 
Encryption which allows specific types of computations to 
be carried out on ciphertext and generate an encrypted 
result which, decrypted and matches the result of 



operations performed on the plaintext. It would allow the 
chaining together of different services without exposing 
the data of location server. 

This system supports both latitude and longitude is fully 
homomorphic encryption (FHE) and more powerful. 
Evaluating an encryption of their input to produce an 
encryption of their output . Homomorphic encryption 
performes an encrypted data with each latitude and 
longitude pairs. The transformation of one data set into 
another while preserving relationships between elements in 
both sets. 

Homomorphic Encryption can be carried out as 
fellowing steps. 

• Ciphertext 

• Generating encrypted result 

• Decryt 

• Matches the results of operations 
performed on the plaintext. 

IV. Related Work 

Gabriel Ghinit proposed an hybrid approach, outlined 
in the LS, which determines a set of user and the 
LS engage in a novel cryptographic protocol that privately 
determines the location information .Then a PIR round to 
retrieve the content. The amount of protection offered to 
the database by the hybrid method, in comparison with 
location cloaking (label CR-only) and the pure-PIR 
technique (label PIR-only), for varying CR size. The 
PIR- only method does not use CRs, and always 
discloses approximately 250 POI (square root of database 
cardinality).Ali Khoshgozaran proposed an privacy 
metrics, the adversary and the information leak model 
and use them throughout to evaluate the privacy. The key 
idea behind our approach is to use PIR to privately query 
the index structures stored at the untrusted server to 
perform spatial queries, these algorithms are executed 
depends on the underlying PIR protocol employed. To 
achieve such strong measures of privacy by placing trust 
on a secure coprocessor residing at the server side 
which is in charge of initiating PIR requests to the 
server and privately evaluating user queries. 

Jun Pang proposed an mechanism to protect users' 
location and query privacy is spatial. As more user 
information becomes available with the fast growth of 
Internet applications ,e.g., social networks, attackers 
have the ability to construct users' personal profiles. 
This gives rise to new challenges and reconsideration of 
the existing privacy metrics, such as k-anonymity. we 
propose an new metrics to measure users' query privacy 
taking into account user profiles. To satisfying users' 
privacy requirements expressed in these metrics. Location- 
based queries lead to privacy concerns especially in 
cases when LBSPs are not trusted. Tan et al. define 
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information leakage to measure the amount of 
revealed location information in spatial cloaking, which 
quantifies the balance between privacy and performance 
introduce the concept of location diversity to ensure 
generalised regions to contain at least v semantic 
locations (e.g., schools, hospitals). 

V. Conclusion 

In this work, we proposed an efficient location 
based query involves a private information retrieval 
interaction that retrieves the record with high 
communication efficiency using Homomorphic 
Encryption which allows specific types of computations to 
be carried out on ciphertext and generate an encrypted 
result which, decrypted and matches the result of 
operations performed on the plaintext. It would allow the 
chaining together of different services without exposing 
the data of location server. These updates can happen in 
the background, and the query processor can have 
access to the updated database.Using the prototypical 
example of a local search application, the information 
that can be exchanged between the user and the 
provider to enable a privacy- supportive LBS. Further 
to this work, the privacy of user information who try to 
retrieve the data can be maintained by applying the private 
information retrieval and the user may post an query using 
both latitude and longitude pairs.. 
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